Use Cases

Work from Home

When enterprises require employees to work from home by remotely connecting to their servers and networks using sanitized operating systems.

Bring Your Own Device (BYOD)

When enterprises allow the employees to bring their own devices to work. Usually personal PC/Laptops are infected due to the nature of internet browsing habits. ThinC-Compute sets aside the personal hard drive and loads the read only sanitized OS thus utilizing the compute power of the PC yet through a sanitized environment.

Remote Vendor Access

Same use cases as the above but to manage remote vendor access using sanitized OS and registered vendors only.

FIDO – PC/Laptop Login

Use FIDO to biometrically authenticate the user to gain access to this workstation/PC/Laptop. This eliminates the need for username/password and prevents any outsider or intruder to login to the employee’s workstation.

Restrict Malware Propagation

Where ever copy/duplication from a read only storage is required, ThinC-Compute can effectively protect against malware propagation. For write access, limited protection is offered as referred in the scenario table above.

Password & Sensitive Data Storage

When top officials need to store passwords, credentials and other personal documents, ThinC-Compute is best possible device that has on-board biometrics along with tamper protection.

Remote Database & Network Administration

Same use cases as the above but to allow remote administration using sanitized OS packed with advanced admin tools required for remote support.

Pre-Configured VPN Clients, Firewalls & Proxy Settings

Using, pre- installed VPN clients (Cisco, Citrix etc.) and access to the VPN network from a customized read-only OS offers double the protection. Few banks in India have requested for this specific configuration and PoC has been successfully demonstrated.

Restricted Website Access

End-users can browse only allowed/pre- configured websites and will not be able to browse any other sites or applications.

A completely customized OS by removing access to external drives, networks and terminals can be packaged into the ThinC-Compute device thus proofing against most vulnerabilities of a regular OS.

Restricted File Sharing on WiFi & Internet

ThinC-Compute could be configured in such way that the end-users could browse the internet while preventing file sharing over the internet.

Hidden Partition

ThinC-Compute could host a hidden partition to store persistent data like configuration files and any user downloaded resources. This partition is accessed only using a custom tool and is not recognized by the OS or other programs.

Address Ransomware

ThinC-Compute is the only solution to rightly address the ransomware attacks as the contents cannot be encrypted or written on to. Backups and anti-viruses cannot really help which has been proven with many ransomware attacks including WannaCry.

Restrict Malware & Viruses

Malware cannot be installed on the read-only operating system. It may run temporarily but when rebooted will be wiped off. With appropriate server binding, firewall configuration, VPN access and network configuration, one can limit the sources of malware and viruses.

FIDO – No More Passwords!

With the specification of FIDO, passwords and any identity information is not required to be transmitted over the networks and stored at a centralized server. ThinC’s biometric authentication can quickly gain access to the server applications with a fingerprint scan.

ATM Software Distribution

Copy ATM Logs and Video Feeds

Banks require to copy the videos and logs from the ATM to the bank servers. Since the partition requires write access, please refer to the scenario table above.

FIDO – PC/Laptop Login

Use FIDO to biometrically authenticate the user to gain access to this workstation/PC/Laptop. This eliminates the need for username/password and prevents any outsider or intruder to login to the employee’s workstation.

Same as above with shared partition for multiple users to access the same partition with independent biometric access.

Restrict Malware Propagation

Where ever copy/duplication from a read only storage is required, ThinC-Compute can effectively protect against malware propagation. For write access, limited protection is offered as referred in the scenario table above.

Password & Sensitive Data Storage

When top officials need to store passwords, credentials and other personal documents, ThinC-Compute is best possible device that has on-board biometrics along with tamper protection.

Share Reports & Sensitive Data with Vendors and Regulatory (Eg. RBI)

When certain reports are to be shared with regulatory authorities or vendors, ThinC-Compute devices come in handy.

Share Code and Resources within the Software Development Teams

To share critical code and resources among or across development teams.

ThinC-Vault Storage Variants

ThinC-Vault is tested with multiple Storage capacities and is available in 32GB, 64GB and 128GB (actual usable storage capacity varies).

Use Cases - Option 2

Highly Secured Data Communications Between Networks

Between two branches, departments, locations or head-office to the branches.

Secure Sensitive Video Conferences

When highly sensitive video communication is required, L4CRYPT can be a trusted device to secure the end-to-end video channel.

Using other devices based on session key exchange, an attacker could sniff and copy the transmitted video and at leisure brute-force the key and retrieve the entire content using the key, because the whole session is encrypted with one single key.

L4CRYPT on the other hand encrypts every packet with a dynamic and random key, where the hacker after all the brute-force efforts will get to see one packet of the entire communication.

Secure Voice Calling

Same as the above use case but deployed between two ends of the voice channel or PSTN.

Secure VOIP Traffic

Same as the above use cases, but deployed between two ends of the VOIP terminals.

Simultaneous Data/Video/Voice/Fax Communication

When a same network is used for different purposes, L4CRYPT can effectively encrypt and transmit independent communications/channels simultaneously.

Drop Malware Communication to Remote Hacker Location

Usually malware within the network collects information and credentials and sends them out to a remote hacker location. With L4CRYPT, the first packet goes encrypted to the hacker and as the hacker does not have the paired L4CRYPT on his end, due lack of acknowledgement of the packet, all further communication is automatically dropped at the source L4CRYPT.

Securing ATM to the Bank Server Connectivity

ATMs are generally prone to malware and remote hacking. With L4CRYPT, any malware residing on the ATM could run within the machine but will not be able to communicate to the hacker location as explained above. ATMs and the Bank Server are only equipped to communicate securely and no other device, machine or person can sniff/intercept the data-in-transit.

Intranets & LANs

Small throughput variants could be deployed between machines. LANCRYPT (10 Mbps variant with smaller form factor) can effectively drop malware communication and propagation from the connected machines/PCs to the outside networks or remote hacker locations.

Secure Specific, IP Destination, Application or Port

L4CRYPT can be customized to secure specific IP destination, protocol, application and up to the port level. L4CRYPT does not support this functionality by default, but could be customized.